Problem solved.
It was the antivirus FW who caused the problem, even if the rule was
any-any.
After disabling the FW, connections to other resources works.
Thanks for helping!
Jordan
On Thu, 30 Nov 2006 12:46:13 +1100, "Bill Grant"
<not.available@online> wrote:
> If you are using IP addresses in the same IP subnet for both the LAN and
>the remote machines, there is no real routing taking place, so there is no
>point in adding any static routes. What should happen is that the server
>acts as a proxy for the remote client. It does proxy ARP on the LAN. Other
>machines on the LAN communicate directly with the remote client as if it was
>on the LAN using its hardware MAC address. The server acts for it and relays
>the data across the VPN link.
>
> The only thing I am aware of that fouls this up is that some switches do
>not properly handle proxy ARP well. If you are in that position, the best
>idea is to put the remotes in their own IP subnet and route this subnet
>through the RRAS server. (ie use a static address pool, not DHCP). This is
>the best approach to take in all cases except a simple one segment-one
>subnet LAN. The same subnet technique (called on-subnet addressing) was
>developed to allow people with simple networks to get remote access working
>without having to understand routing. In a routed network it is safer to use
>off-subnet addressing (ie put the remotes in their own subnet) and handle
>the routing yourself.
>
><Jordan> wrote in message news:(E-Mail Removed)...
>> Can't ping other servers on same LAN by IP, must be routing problem.
>> Client recieve IP in the same subnet, from server DHCP.
>> Server configured with DHCP, WINS, DNS and VPN RAS.
>>
>> Nothing is configured in RAS Admin - No policy and no Static Route.
>>
>> Route print listed - client IP masked xy.
>>
>> IPv4 Route Table
>> ================================================== =========================
>> Interface List
>> 0x1 ........................... MS TCP Loopback interface
>> 0x10002 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface
>> 0x10003 ...00 0b cd 4e f6 9e ...... HP NC7760 Gigabit Server Adapter
>> ================================================== =========================
>> ================================================== =========================
>> Active Routes:
>> Network Destination Netmask Gateway Interface
>> Metric
>> 0.0.0.0 0.0.0.0 192.168.100.1 192.168.100.10
>> 20
>> xy.xy.xy.xy 255.255.255.255 192.168.100.1 192.168.100.10 20
>> 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
>> 172.16.0.0 255.255.252.0 192.168.100.250 192.168.100.10 1
>> 192.168.100.0 255.255.255.0 192.168.100.10 192.168.100.10
>> 20
>> 192.168.100.10 255.255.255.255 127.0.0.1 127.0.0.1
>> 20
>> 192.168.100.107 255.255.255.255 192.168.100.110 192.168.100.110 1
>> 192.168.100.110 255.255.255.255 127.0.0.1 127.0.0.1
>> 50
>> 192.168.100.255 255.255.255.255 192.168.100.10 192.168.100.10
>> 20
>> 224.0.0.0 240.0.0.0 192.168.100.10 192.168.100.10
>> 20
>> 255.255.255.255 255.255.255.255 192.168.100.10 192.168.100.10 1
>> Default Gateway: 192.168.100.1
>> ================================================== =========================
>> Persistent Routes:
>> Network Address Netmask Gateway Address Metric
>> 172.16.0.0 255.255.252.0 192.168.100.250 1
>>
>>
>> Jordan
>>
>>
>> On Wed, 29 Nov 2006 11:00:40 +1100, "Bill Grant"
>> <not.available@online> wrote:
>>
>>> There are two distinct things to look at here. They are routing and name
>>>resolution.
>>>
>>> Check to see if you can ping a LAN machine by its IP address. If you
>>>can, routing is working, so adding static routes won't change anything.
>>>You
>>>need to look at name resolution. If you are using DNS, check that the
>>>client
>>>has the correct DNS server address and also the correct DNS suffix. If you
>>>are relying on Netbios for name resolution, check that the client has the
>>>correct WINS address.
>>>
>>> If you cannot ping by IP it may be a routing problem. What IP subnet
>>> are
>>>you using on the LAN? Does the remote client receive an IP address in this
>>>subnet?
>>>
>>><Jordan> wrote in message
>>>news:(E-Mail Removed) ...
>>>> Hi
>>>>
>>>> Have used the RAS wizzard (custom choice, had to use this one because
>>>> of one NIC) to configure a RAS VPN connection.
>>>> This is a single NIC w2k3sp1 server.
>>>>
>>>> The VPN client can map local drives at the server.
>>>>
>>>> But can't map drives and shares on other servers on the local network,
>>>> which I want.
>>>>
>>>> Do I have to "route -add" something?
>>>>
>>>> Any clue?
>>>>
>>>> Regards
>>>> Jordan
>>>
>
|
Similar Threads
Linear Mode
